Children's privacy.

Who this applies to

CohortLedger is intended for use by adult operators (the people running a microschool, learning pod, or homeschool co-op). The schools that use CohortLedger commonly serve children, and many of those children are under 13. This policy explains how CohortLedger treats information about children, with particular attention to the federal Children’s Online Privacy Protection Act (COPPA).

Our role and the school’s role

CohortLedger acts as a service provider to the school. The school is responsible for obtaining any required parental consent for the use of services that involve information about that school’s students. CohortLedger does not collect personal information directly from children. Children do not log in to CohortLedger. The dashboard is used by the operator, not by students.

What information about children we hold

The operator records the minimum information needed to bill, register a child with an ESA program, and meet state attendance and quarterly reporting rules:

• First name, last name, grade level, enrollment date.
• The family the child belongs to and their sibling relationships.
• The state ESA program assigned to the child, if any.
• Quarterly funding amounts and statuses.
• Attendance entries (present, late, excused, absent).

We do not collect child photos. We do not collect health records. We do not collect biometric data. We do not collect social security numbers. We do not collect device identifiers or geolocation data from children. We do not display advertising to children. We do not use child information to build profiles for any purpose other than operating the service.

What we never do

• We do not sell child data.
• We do not share child data with advertising networks.
• We do not use student records to train AI models, ours or any third party’s.
• We do not market to children. The dashboard is for adult operators.

Parental rights and contact

Parents who want to access, correct, or request deletion of information about their child should contact their school directly. The school is the controller of that information under our DPA and is in the best position to verify identity and respond. CohortLedger will support the school in fulfilling verified parent requests, subject to state record-retention rules.

If a parent has a COPPA-specific concern that the school is unable to resolve, or a question about how CohortLedger handles child data, email privacy@cohortledger.com or write to Ravencord Inc., Brentwood, Tennessee, United States. We respond within two business days.

Operator responsibilities

Operators using CohortLedger agree, by virtue of the Terms of Service and the DPA:

• To obtain any required parental notifications or consents under applicable state law before enrolling a child in CohortLedger.
• To respond to parental access, correction, and deletion requests within the school’s reasonable timelines.
• To not upload information about a child that the operator does not have the right to use.
• To not upload child photos, biometric records, or health records into CohortLedger.

State-specific student data privacy laws

Several US states have student data privacy laws that go beyond COPPA, including California, Colorado, Connecticut, Utah, Texas, Virginia, and others. CohortLedger’s practices are designed to align with the principles common across those laws: data minimization, purpose limitation, transparency, no sale, no advertising, defined retention, and verified rights handling. See the Data Processing Addendum for contractual terms operators can adopt to satisfy state-specific requirements.

Reporting concerns

If you believe a school is misusing CohortLedger to handle child data in a way that violates COPPA or applicable state law, contact privacy@cohortledger.com. We take these reports seriously and will investigate.